f87caf0e151c2ba79961110804187c89_JaffaCakes118 | Triage

Sharing

General

Target

f87caf0e151c2ba79961110804187c89_JaffaCakes118
Size

361KB
MD5

f87caf0e151c2ba79961110804187c89
SHA1

d38bbab43f1402ecc361a8886e9ed77537faa270
SHA256

b5462653407b378fc62b88e667a4bd6c16a483a49b3a722c41080e2443c50dad
SHA512

5f4307acc463efc7971a5be940a73cac17c798a7390495aa6edff8b01b04d471df47b3d32564a635393c5d4ec8357cc103a2773e97740963c8d72cf65258d908
SSDEEP

6144:k5ynOejYcL9hk6fdbpEOzsXOXJtiz0vCmxMFThN/2sADBBu8jtNW2HYFE:k5yFjXL9hk2FeROZtizyjy1N/2sA9Bus

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f87caf0e151c2ba79961110804187c89_JaffaCakes118

Files

f87caf0e151c2ba79961110804187c89_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Adrian\Desktop\nost\nost\obj\Release\nost.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 107B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 337KB - Virtual size: 337KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ